You bought expensive routers and switches from cisco, but made the network easily hackable

A variety of Cisco products have been found to include several serious security flaws that hackers can exploit to cause serious problems, such as denial of service, remote code execution, privilege escalation, and other major vulnerabilities. The Common Vulnerability Scoring System (CVSS) score for these vulnerabilities, which places them in the “critical” category, is meaningful by expressing its severity.

According to the CVSS rating methodology, four of the nine vulnerabilities are classified as serious as they have a score of 9.8 out of 10. The following product lines are affected by all nine vulnerabilities. –

The 350 Series Managed Switches and 250 Series Smart Switches have a fix in firmware version 2.5.9.16.
350X Series Stackable Managed Switches (fixed in firmware version 2.5.9.16)
550X Series Stackable Managed Switches (Fixed in firmware version 2.5.9.16)
Business 250 Series Smart Switches (fixed in firmware version 3.3.0.16)
Business 350 series switches (fixed in firmware version 3.3.0.16)
200 Series Small Business Smart Switches (Will not be patched)
Small Business 300 Series Switches (Will not be patched)
Small Business 500 Series Patchless Stackable Managed Switches

The four security flaws (CVE-2023-20159, CVE-2023-20160, CVE-2023-20161, and CVE-2023-20189) originate from a flaw in the Cisco Small Business web-based user interface. Series Switch. Improper validation of requests sent to the web interface is what leads to the vulnerabilities. Due to the lack of validation, a malicious request can execute arbitrary code with root privileges on the damaged device.

This implies that a remote attacker could possibly make a custom request via the web interface and execute arbitrary code with root capabilities on the target device without requiring authentication. Such an exploit has serious repercussions as it gives the attacker wide access to the compromised system.

Cisco has made software updates available to help reduce these vulnerabilities. Since there are currently no effective workarounds, it is imperative that users and administrators of affected Cisco equipment apply these updates as soon as possible.

The Unauthenticated Configuration Read Vulnerability (CVE-2023-20162), the Unauthenticated Denial of Service Vulnerability (CVE-2023-20158), and the Unauthenticated Heap Buffer Overflow Vulnerability (CVE-2023-20024, CVE -2023-20156 and CVE-2023-20157) on Cisco Small Business Series switches were among five other high-severity flaws for which patches were released this week.

It is crucial to note that despite the fact that these vulnerabilities have proof-of-concept exploit codes available, the Cisco Product Security Incident Response Team (PSIRT) noted that, to their knowledge, these vulnerabilities have not yet been released. have been used in cyber attacks. However, the fact that these attack codes exist demonstrates how quickly these vulnerabilities must be fixed.

Network administrators and users of affected Cisco equipment should note that products that have already entered the end-of-life process will not get firmware updates that resolve these vulnerabilities.

He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He has also worked for security companies such as Kaspersky Lab. His daily work includes investigating new malware and cybersecurity incidents. He also has a deep level of knowledge in mobile security and mobile vulnerabilities.

Send news tips to [email protected] or www.instagram.com/iicsorg/

You can also find us on Telegram www.t.me/noticiasciberseguridad